This Critical Patch Update provides 20 additional security
fixes for Java SE.The highest CVSS Base Score for the Java
vulnerabilities fixed in this Critical Patch Update is 10.0.This score affects a single Java SE client
vulnerability (CVE-2014-4227).7 other
Java SE client vulnerabilities receive a CVSS Base Score of 9.3 (denoting that
a complete compromise of the targeted client is possible, but that that access
complexity to exploit these vulnerabilities is “medium.”)All in all, this Critical Patch Update
provides fixes for 17 Java SE client vulnerabilities, 1 for a JSSE
vulnerability affecting client and server, and 2 vulnerabilities affecting Java
client and server.Oracle recommends
that home users visit http://java.com/en/download/installed.jsp
to ensure that they run the most recent version of Java.Oracle also recommends Windows XP users to
upgrade to a currently-supported operating system.Running unsupported operating systems,
particularly one as prevalent as Windows XP, create a very significant risk to
users of these systems as vulnerabilities are widely known, exploit kits routinely
available, and security patches no longer provided by the OS provider.

Oracle Sun Systems
Products Suite receive 3 new security fixes with this Critical Patch Update and
one additional Oracle Enterprise Manager Grid Control fix is applicable to
these deployments.Fixes that exist
because of the dependency between individual Oracle product components are
listed in italics in the Critical
Patch Update Advisory.These bugs
are listed in the risk matrices of the products they initially exist in, as well
as in the risk matrices of the products they are used with.The most severe CVSS Base Score for these
Oracle Sun Systems Products Suite vulnerabilities is 6.9.

As a reminder, Critical Patch Update fixes are intended to address
significant security vulnerabilities in Oracle products and also include code
fixes that are prerequisites for the security fixes.As a result, Oracle recommends that this Critical
Patch Update be applied as soon as possible by customers using the affected
products.